package com.day.crx.explorer.impl.j2ee;

import com.day.crx.explorer.impl.util.HttpMultipartPost;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.LoginException;
import javax.jcr.SimpleCredentials;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;

/* loaded from: input_file:com/day/crx/explorer/impl/j2ee/CRXCredentialsProvider.class */
public class CRXCredentialsProvider extends BasicCredentialsProvider {
    private static final Set<String> SPECIAL_PARAMS = new HashSet(6);
    private static final String ATTR_TOKEN = ".token";
    private static final String ATTR_TOKEN_IP = ".token.ip";
    private static final String ATTR_TOKEN_AGENT = ".token.useragent";
    private static final String ATTR_REFERER = "referer";

    public CRXCredentialsProvider() {
        this(null);
    }

    public CRXCredentialsProvider(String str) {
        super(str);
    }

    @Override // com.day.crx.explorer.impl.j2ee.BasicCredentialsProvider, com.day.crx.explorer.impl.j2ee.CredentialsProvider
    public Credentials getCredentials(HttpServletRequest httpServletRequest) throws LoginException, ServletException {
        Credentials credentialsFromParam = getCredentialsFromParam(httpServletRequest);
        if (credentialsFromParam == null) {
            credentialsFromParam = getCredentialsFromToken(httpServletRequest);
            if (credentialsFromParam == null) {
                credentialsFromParam = super.getCredentials(httpServletRequest);
            }
        }
        setCredentialsAttributes(credentialsFromParam, httpServletRequest);
        return credentialsFromParam;
    }

    private static Credentials getCredentialsFromToken(HttpServletRequest httpServletRequest) {
        String loginTokenFromCookies = LoginServlet.getLoginTokenFromCookies(httpServletRequest);
        if (loginTokenFromCookies == null) {
            return null;
        }
        return new TokenCredentials(loginTokenFromCookies);
    }

    private static Credentials getCredentialsFromParam(HttpServletRequest httpServletRequest) {
        SimpleCredentials tokenCredentials;
        String parameter = httpServletRequest.getParameter("UserId");
        String parameter2 = httpServletRequest.getParameter(LoginServlet.PARAM_PASS);
        if (parameter2 == null) {
            parameter2 = BasicCredentialsProvider.EMPTY_DEFAULT_HEADER_VALUE;
        }
        String parameter3 = httpServletRequest.getParameter(".token");
        if (parameter == null || parameter.length() <= 0) {
            tokenCredentials = parameter3 != null ? new TokenCredentials(parameter3) : null;
        } else {
            tokenCredentials = new SimpleCredentials(parameter, parameter2.toCharArray());
            if (parameter3 != null) {
                tokenCredentials.setAttribute(".token", parameter3);
            }
        }
        return tokenCredentials;
    }

    private static void setCredentialsAttributes(Credentials credentials, HttpServletRequest httpServletRequest) {
        String trim;
        String trim2;
        if (credentials instanceof SimpleCredentials) {
            SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
            if (simpleCredentials.getAttribute(".token") != null) {
                String header = httpServletRequest.getHeader("X-Forwarded-For");
                if (header == null) {
                    trim2 = httpServletRequest.getRemoteAddr();
                } else {
                    String[] split = header.split(",");
                    trim2 = split[split.length - 1].trim();
                }
                simpleCredentials.setAttribute(ATTR_TOKEN_IP, trim2);
                String header2 = httpServletRequest.getHeader("User-Agent");
                if (header2 != null) {
                    simpleCredentials.setAttribute(ATTR_TOKEN_AGENT, header2);
                }
                String header3 = httpServletRequest.getHeader("Referer");
                if (header3 != null) {
                    simpleCredentials.setAttribute(ATTR_REFERER, header3);
                }
                Enumeration parameterNames = httpServletRequest.getParameterNames();
                while (parameterNames.hasMoreElements()) {
                    String obj = parameterNames.nextElement().toString();
                    String parameter = httpServletRequest.getParameter(obj);
                    if (parameter != null && !SPECIAL_PARAMS.contains(obj)) {
                        simpleCredentials.setAttribute(obj, parameter);
                    }
                }
                return;
            }
            return;
        }
        if (credentials instanceof TokenCredentials) {
            TokenCredentials tokenCredentials = (TokenCredentials) credentials;
            String header4 = httpServletRequest.getHeader("X-Forwarded-For");
            if (header4 == null) {
                trim = httpServletRequest.getRemoteAddr();
            } else {
                String[] split2 = header4.split(",");
                trim = split2[split2.length - 1].trim();
            }
            tokenCredentials.setAttribute(ATTR_TOKEN_IP, trim);
            String header5 = httpServletRequest.getHeader("User-Agent");
            if (header5 != null) {
                tokenCredentials.setAttribute(ATTR_TOKEN_AGENT, header5);
            }
            String header6 = httpServletRequest.getHeader("Referer");
            if (header6 != null) {
                tokenCredentials.setAttribute(ATTR_REFERER, header6);
            }
            Enumeration parameterNames2 = httpServletRequest.getParameterNames();
            while (parameterNames2.hasMoreElements()) {
                String obj2 = parameterNames2.nextElement().toString();
                String parameter2 = httpServletRequest.getParameter(obj2);
                if (parameter2 != null && !SPECIAL_PARAMS.contains(obj2)) {
                    tokenCredentials.setAttribute(obj2, parameter2);
                }
            }
        }
    }

    static {
        SPECIAL_PARAMS.add("UserId");
        SPECIAL_PARAMS.add(LoginServlet.PARAM_PASS);
        SPECIAL_PARAMS.add(LoginServlet.PARAM_WORKSPACE);
        SPECIAL_PARAMS.add(".token");
        SPECIAL_PARAMS.add(LoginServlet.PARAM_REDIRECT);
        SPECIAL_PARAMS.add(HttpMultipartPost.PARAMETER_CHARSET);
    }
}
